Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 170 - January, 2014 (2nd Edition) - Page 3

PG & E Energy Statement Malware Emails

Issue 170 Start Menu

Previous Article            Next Article

Outline
Emails purporting to be from US energy service provider PG & E notify recipients that their most recent energy statement can be viewed by following a link.

Privacy concept: Malware with optical glass

© Depositphotos.com/ maxkabakov



Brief Analysis
The emails are not from PG & E. The link opens a compromised website that harbours malware. If installed, this malware can connect the infected computer to a botnet and download further malware. Subject lines and other details in the malware emails may vary.

Bookmark and Share

Example

Subject: Gas and Electric Usage Statement

Account No: 138475201-6
PG & E ENERGY STATEMENT                                
Statement Date: 01/10/2014
Due Date: 02/01/2014
 
Your Account Summary

Amount Due on Previous Statement
Payment(s) Recieved Since Last Statement

Previous Unpaid Balance

Current Electric Charges
Current Gas Charges  

$344.70
0.0

$344.70

$165.80
49.20  To view your most recent statement, please click here You must log-in to your account or register for an online account to view your statement.

Total Amount Due BY 02/01/2014 $559.7

PG & E statement Malware


Detailed Analysis


Fraudulent emails claiming to be from US energy provider Pacific Gas and Electric (PG & E) are currently being distributed.  The fake emails notify users that their most recent energy statement is available and can be viewed by following a link.  The messages include what is supposed to be a breakdown of the user's current bill.

The emails are not from PG & E as claimed. Clicking the link in the emails takes users to a compromised website that contains the Kuluoz malware.  Kuluoz can add the infected computer to the Asprox botnet. It may also download and install further malware.

Subject lines in the emails may vary. While some may have the subject line shown in the above example, others may have the subject "Delivery Canceling". Other details in the emails may also vary in different versions.

This campaign is very similar to another recent malware attack that claimed that the recipient's Atmos energy bill could be viewed by clicking a link. Again, the link opened a website that contained Kuluoz.

If you receive one of these emails, do not click on any links or open any attachments that it may contain.

Bookmark and Share




Last updated: January 14, 2014
First published: January 14, 2014
By Brett M. Christensen
About Hoax-Slayer

References
Pacific Gas and Electric Company
Delivery Canceling - Energy Statement - Malware
'Your Atmos Energy Bill is Available' Malware Email



Previous Article            Next Article

Issue 170 Start Menu

Pages in this issue:
  1. 'Paul Walker Still Alive After Accident' Phishing and Survey Scam
  2. 'Profile Visitors for Facebook' Rogue App and Survey Scam
  3. PG & E Energy Statement Malware Emails
  4. Fake Picture: 'Thailand Snake Girl' - Serpentosis Malianorcis
  5. Tom Crist Lottery Win Advance Fee Scam
  6. Legoland Child Abduction Attempt Hoax
  7. Fake Picasa 'New Photos' Emails Point to Dodgy Pharmacy Website
  8. 'Win a Disney Cruise' Survey Scam
  9. Bogus Advice - Block Hackers by Adding 'Security' to Facebook Blocking Function
  10. Fake - Giant Squid Image
  11. Commonwealth Bank 'eStatement Ready' Phishing Scam
  12. 'Singer Rihanna Found to be Dead' Facebook Survey Scam
  13. Satire - Pope Francis and the 'Third Vatican Council'
  14. Snow Canyon Roadway Image
  15. Albert (Tapper) Torney and the Can Car Sculptures That He Did NOT Make
  16. 'Your Atmos Energy Bill is Available' Malware Email
  17. 'Beware Hack Scam Rollercoaster Clip' Facebook Warning Message
  18. Sainsbury's 'Customer Satisfaction Survey' Phishing Scame
  19. Satire - '18 Million Birds Dead New Year's Eve'
  20. Hoax - 'Marijuana Overdoses Kill 37 in Colorado'
  21. Hoax Report Claims Paul Walker Faked His Own Death
  22. 'Shark Eats Swimming Man' Facebook Survey Scam
  23. 'Notice to Appear in Court' Malware Emails
  24. 'Most Fatal Car Accident' Survey Scam
  25. Hoax - Extraordinary Planetary Alignment To Decrease Gravity on January 4
  26. 'World's Largest Snake Video' Survey Scam
  27. Michael Jackson Died Years Ago Hoax
  28. 'My Home is Burning' Facebook Phishing and Malware Scam
  29. Facebook 'Closed for Maintenance' Prank